Dealing with findings

Lynis screenshot with hardening index.

At the end of the Lynis scan a report is displayed with the findings, a hardening index and the location of several related files.

This audit overview can be used to determine what items are discovered and need more investigation. This might include serious vulnerabilities which were discovered, but also minor items. It’s even possible that some value is discovered, which is configured “weak” on purpose (e.g. depending on the role the system has).

Each finding can be found in the log file as well. The related test ID is displayed at the end of the line. For example:

While this does give us positive search results, there is more information available. Therefore it’s better to open up the logfile (e.g. with less) and search for the first line matching. This will be the first line as shown in the example, as this is also the start of the test.

The log file might also provide hints on what has been checked and where to fix them. Still, we advise to carefully read the documentation about every configuration file or parameter.

Lynis Enterprise Suite

For companies and people who need more than just vulnerability checking, there is the Lynis Enterprise Suite. This includes Lynis, management reporting, dashboards, detailed explanation on fixing vulnerabilities and improve system security. To help with automation, the enterprise version also includes snippets.